<?php
define('DEBUG', "ON");
error_reporting(0);
mb_internal_encoding("UTF-8");
header('content-type: text/html; charset=utf-8');

mysql_connect($host, $user, $pwd) or system_error('ERROR: Can not connect to MySQL-Server');
mysql_select_db($db) or system_error('ERROR: Can not connect to database "'.$db.'"');


function globalskiller() {		// kills all non-system variables

  $global = array('GLOBALS', '_POST', '_GET', '_COOKIE', '_FILES', '_SERVER', '_ENV',  '_REQUEST', '_SESSION');
  foreach ($GLOBALS as $key=>$val) {
  	if(!in_array($key, $global)) {
  		if(is_array($val)) unset_array($GLOBALS[$key]);
  		else unset($GLOBALS[$key]);
  	}
  }
}
function unset_array($array) {

	foreach($array as $key) {
		if(is_array($key)) unset_array($key);
		else unset($key);
	}
}
globalskiller();


function security_slashes(&$array) {
	foreach($array as $key => $value) {
		if(is_array($array[$key])) {
			security_slashes($array[$key]);
		}
		else {
			if(get_magic_quotes_gpc()) {
				$tmp = stripslashes($value);
			}
			else {
				$tmp = $value;
			}
			if(function_exists("mysql_real_escape_string")) {
				$array[$key] = mysql_real_escape_string($tmp);
			}
			else {
				$array[$key] = addslashes($tmp);
			}
			unset($tmp);
		}
	}
}

security_slashes($_POST);
security_slashes($_COOKIE);
security_slashes($_GET);
security_slashes($_REQUEST);

// -- MYSQL QUERY FUNCTION -- //
$_mysql_querys = array();
function safe_query($query="") {
	global $_mysql_querys;
	if(stristr(str_replace(' ', '', $query), "unionselect")===FALSE AND stristr(str_replace(' ', '', $query), "union(select")===FALSE){
		$_mysql_querys[] = $query;
		if(empty($query)) return false;
		if(DEBUG == "OFF") $result = mysql_query($query) or die('Query failed!');
		else {
			$result = mysql_query($query) or die('Query failed: '
			.'<li>errorno='.mysql_errno()
			.'<li>error='.mysql_error()
			.'<li>query='.$query);
		}
		return $result;
	}
	else die();
}

function systeminc($file) {
	if(!include('src/'.$file.'.php')) system_error('Could not get system file for '.$file);
}


function system_error($text,$system=1) {

	die($text);
}

?>